OneAuth/api/user/patch.go

//
// Copyright (C) 2024 veypi <i@veypi.com>
// 2025-03-04 16:08:06
// Distributed under terms of the MIT license.
//

package user

import (
	"github.com/veypi/vbase/auth"
	"github.com/veypi/vbase/cfg"
	"github.com/veypi/vbase/models"
	"github.com/veypi/vigo"
)

// PatchRequest 更新用户请求
type PatchRequest struct {
	UserID   string  `src:"path@user_id" desc:"用户ID"`
	Nickname *string `json:"nickname,omitempty" src:"json" desc:"昵称"`
	Email    *string `json:"email,omitempty" src:"json" desc:"邮箱"`
	Phone    *string `json:"phone,omitempty" src:"json" desc:"手机号"`
	Avatar   *string `json:"avatar,omitempty" src:"json" desc:"头像"`
}

// patch 更新用户
func patch(x *vigo.X, req *PatchRequest) (*models.User, error) {
	// 手动鉴权: 只能修改自己的信息，或者是管理员
	uid := auth.VBaseAuth.UserID(x)
	if uid != req.UserID {
		if !auth.VBaseAuth.CheckPerm(x.Context(), uid, auth.VBaseAuth.OrgID(x), "user:update", "") {
			return nil, vigo.ErrForbidden
		}
	}

	var user models.User
	if err := cfg.DB().First(&user, "id = ?", req.UserID).Error; err != nil {
		return nil, vigo.ErrNotFound
	}

	updates := make(map[string]any)
	if req.Nickname != nil {
		updates["nickname"] = *req.Nickname
	}
	if req.Email != nil {
		// 检查邮箱是否被其他用户使用
		var count int64
		cfg.DB().Model(&models.User{}).Where("email = ? AND id != ?", *req.Email, req.UserID).Count(&count)
		if count > 0 {
			return nil, vigo.ErrInvalidArg.WithString("email already exists")
		}
		updates["email"] = *req.Email
	}
	if req.Phone != nil {
		updates["phone"] = *req.Phone
	}
	if req.Avatar != nil {
		updates["avatar"] = *req.Avatar
	}

	if err := cfg.DB().Model(&user).Updates(updates).Error; err != nil {
		return nil, vigo.ErrInternalServer.WithError(err)
	}

	return &user, nil
}